52 lines
1.1 KiB
YAML
52 lines
1.1 KiB
YAML
---
|
|
- name: Copy server MOTD
|
|
template: src=files/motd dest=/etc/motd
|
|
|
|
- name: Install Yubico Authentication Module
|
|
apt:
|
|
name: libpam-yubico
|
|
state: latest
|
|
|
|
- name: Configure PAM
|
|
template: src=files/sshd dest=/etc/pam.d/sshd
|
|
|
|
- name: Add authusers file
|
|
lineinfile:
|
|
dest: /etc/authusers
|
|
line: '{{ item }}'
|
|
with_items:
|
|
- 'user1'
|
|
- 'user2'
|
|
|
|
- name: Add authorized_yubikeys file
|
|
copy:
|
|
src: files/authorized_yubikeys
|
|
dest: /etc/ssh/
|
|
|
|
- name: Copy adduser.sh script
|
|
copy:
|
|
src: files/adduser.sh
|
|
dest: /home/ansibleuser/
|
|
|
|
- name: Add custom /etc/hosts
|
|
lineinfile:
|
|
dest: /etc/hosts
|
|
line: '{{ item }}'
|
|
with_items:
|
|
- '127.0.0.1 localhost'
|
|
- '123.123.123.12 some.domain.com somewhere'
|
|
- '12.12.12.12 other.domains.com somewhereelse'
|
|
|
|
- name: Add SSH Keys
|
|
lineinfile:
|
|
dest: /home/ansibleuser/.ssh/authorized_keys
|
|
line: '{{ item }}'
|
|
with_items:
|
|
- 'ssh-rsa 1232346A+7654475n4x5y6GL657+V6mJ5Yp23s6I6o4+6N ansibleuser@host'
|
|
|
|
- name: Copy ssh configuration file
|
|
template: src=files/sshd_config dest=/etc/ssh/sshd_config
|
|
notify:
|
|
- restart ssh
|
|
|